CVE-2025-49080

High CVSS: 8.7

There is a memory management vulnerability in Absolute
Secure Access server versions 9.0 to 13.54. Attackers with network access to
the server can cause a Denial of Service by sending a specially crafted
sequence of packets to the server. The attack complexity is low, there are no
attack requirements, privileges, or user interaction required. Loss of
availability is high; there is no impact on confidentiality or integrity.

Vendor

Absolute

Product

Secure Access

CWE

CWE-762

Yayın Tarihi

2025-06-12 17:15:29

Güncelleme

2025-06-23 14:09:31

Source Identifier

SecurityResponse@netmotionsoftware.com

KEV Date Added

Kategoriler

CWE-762 Secure Access HIGH Absolute 2025

Referanslar

https://www.absolute.com/platform/security-information/vulnerability-archive/cve-2025-49080

Benzer Kayıtlar

Medium

CVE-2026-0518

CVE-2026-0518 is a cross-site scripting vulnerability in versions of Secure Access prior to 14.20. An attacker with adm…

Medium

CVE-2026-0519

In Secure Access 12.70 and prior to 14.20, the logging subsystem may write an unredacted authentication token to logs u…

Medium

CVE-2026-0517

CVE-2026-0517 is a denial-of-service vulnerability in versions of Secure Access Server prior to 14.20. An attacker can…

High

CVE-2025-59595

CVE-2025-59595 is an internally discovered denial of service vulnerability in versions of Secure Access prior to 14.12.…

Medium

CVE-2025-59596

CVE-2025-59596 is a denial-of-service vulnerability in Secure Access Windows client versions 12.0 to 14.10 that is addr…

Medium

CVE-2025-54088

CVE-2025-54088 is an open-redirect vulnerability in Secure Access prior to version 14.10. Attackers with access to the c…